Researchers target hack-proof pacemakers

PORTLAND, Ore.  Researchers are designing a prototype pacemaker that could prevent a hacker from sending the implant a potentially fatal signal. The secure implant could detect unwanted signals and notify patients of security breaches.

To advance the work, the National Science Foundation has awarded researchers at the University of Massachusetts (Amherst) a three-year grant to perfect the design of their secure implant technology.

"We know of no cases of hackers attacking medical implants," said professor Kevin Fu in the Electrical and Computer Engineering Department at the University of Massachusetts. "But with these devices becoming remotely accessible over the Internet, and with hackers performing malicious acts just to prove they can, we feel it is just a matter of time."

There are over 2.5 million medical implants, including 600,000 pacemakers (implantable cardioverter de?brillators) currently in use in the U.S., according to Fu. Many are programmable, using the 402-405 MHz medical implant communication service or the older short-range 175-KHz band. Most implants are programmable only in the doctor's office, but an increasing number are being made accessible over the Internet, thus exposing them to the possibility of hacks.

Earlier this year, Fu demonstrated that a software radio technique could enable hackers to not only gain access to private medical data recorded by implants, but to reprogram pacemakers to deliver a fatal shock. Fu also demonstrated that hackers could drain the battery of pacemakers by defeating their sleep mode.

A prototype protection circuit uses a wireless integrated sensor platform RFID tag to detect hacks without drawing any power from a pacemaker battery. It then uses a piezoelectric actuator to provide heart patients with an audible alarm that pacemaker security has been breached.

The $449,000 project will culminate in a working circuit that Fu and his colleagues will propose as an addition to future medical implant designs.